More than six months on and no movement or comment from WHMCS. Spoke to Stripe support yesterday who directed us to https://stripe.com/docs/sources/three-d-secure and said that adding this to a working gateway module is extremely easy. 3D secure is pretty much mandatory these days for high risk industries like hosting.

We work a lot with the CubeCart E-Commerce system who also had Stripe without 3D secure. Their developers looked at it and added 3D integration within a couple of hours - now that is how to turn around small requests instead of ONLY focusing on large features

Any update on this. 3D secure is almost mandatory from people in Norway. I have had a lot of people messaging me asking if their payment was succeded since they never went through the Verfified by VISA/3D secure process.

In version 7.8 we intend to include an update to the Stripe module which will have support for Stripe's Payment Intents API. This is currently being advertised by Stripe as supporting 3D Secure, and being SCA-Ready for future-proofing.

Do you have an ETA on when 7.8 will be released? The reason I ask is Stripe is now notifying us of the SCA requirement coming in on 14th September.

"On September 14, European regulation will mandate Strong Customer Authentication (SCA) for many online payments. When it goes into effect, a form of two-factor authentication will be required for many card payments. Unless you update your integration, your customers’ banks will decline many transactions."

Hello John, I received right now an email from Stripe that I would like to come to the attention of the programming team. v7.8 is in beta phase, so this feature could probably not make it in time for that, but it could be in the next one. I'll copy and paste. Regards SCA and off-session payments, like the ability to store a card without a transaction, then stat a merchant-initiated transaction excempt from SCA. Would you mind to forward that info?

In preparation for SCA, we’ve introduced a new API to help handle payments that occur when customers are not actively using your application (i.e., off-session). If your business collects payment details for off-session payments, our new API allows you to authenticate a card when saving it and mark subsequent payments as merchant-initiated transactions that can be exempt from SCA. This reduces the risk of an off-session payment being declined and your customer having to return on-session to authenticate."

In v7.8 we are using the Payment Intents API which this guide references. So I expect this will be possible. Please join us in the beta later this month to test whether this meets your requirements, and let us know your feedback in the dedicated section of the community we will make available.

This feature is needed because here in Europe there is a new general reglament that makes required 3DS on payments for every card transactions and all financial institutions are enabling this and all payment gateways should be update to support this.